6.5
CVSSv2

CVE-2021-40469

Published: 13/10/2021 Updated: 19/10/2021
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Summary

Microsoft Windows DNS Server Remote Code Execution Vulnerability. Proof-of-concept exploit code is available, or an attack demonstration is not practical for most systems.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft windows server 2008 -

microsoft windows server 2008 r2

microsoft windows server 2012 -

microsoft windows server 2012 r2

microsoft windows server 2016 -

microsoft windows server 2016 20h2

microsoft windows server 2016 2004

microsoft windows server 2019 -

microsoft windows server 2022 -

Recent Articles

Microsoft Oct. Patch Tuesday Squashes 4 Zero-Day Bugs
Threatpost • Lisa Vaas • 12 Oct 2021

Today is Microsoft’s October 2021 Patch Tuesday, and it delivers fixes for four zero-day vulnerabilities, one of which is being exploited in a far-reaching espionage campaign that delivers the new MysterySnail RAT malware to Windows servers.
Microsoft reported a total of 74 vulnerabilities, three of which are rated critical.
Security researchers pointed to CVE-2021-40449, an elevation of privilege vulnerability in Win32k, as standing out from the crowd of patches, given that It’s...